Speech-Driven LLMs
Sirens' Whisper: Inaudible Jailbreaks of Speech-Driven LLMs
This research introduces SWhisper, a novel framework for covertly injecting inaudible near-ultrasound prompts into speech-driven LLMs, enabling jailbreaks and other attacks through commodity hardware.
Executive Impact
SWhisper reveals a critical, underexplored vulnerability in voice-enabled AI systems. Its high effectiveness and covert nature pose significant risks, demanding immediate attention to develop robust countermeasures.
0.94
Non-Refusal Score (NR)
0.925
Specific-Convincing Score (SC)
100%
User Inaudibility
Deep Analysis & Enterprise Applications
Select a topic to dive deeper, then explore the specific findings from the research, rebuilt as interactive, enterprise-focused modules.
Sirens' Whisper (SWhisper) is the first practical framework for covert prompt-based attacks against speech-driven LLMs under realistic black-box conditions using commodity hardware. It delivers arbitrary target baseband audio using near-ultrasound waveforms that demodulate faithfully after acoustic transmission and microphone nonlinearity.
SWhisper integrates a robust, universal covert acoustic channel with a voice-friendly jailbreak construction method. It leverages channel-inversion pre-compensation and semantic-regularized suffix optimization for robust, inaudible delivery.
This attack highlights new security risks in speech-driven LLMs, revealing a broader class of vulnerabilities. Potential defenses include signal-based detection (though often unreliable on commodity hardware) and robust model-level alignment.
Enterprise Process Flow
Voice-Friendly Prompt Generation
→
Channel Characterization
→
Inversion Pre-compensation
→
Near-Ultrasound Modulation
→
Acoustic Transmission
→
Microphone Nonlinearity Demodulation
→
Speech-Driven LLM Input
→
Jailbreak Success
94%
Peak Non-Refusal Rate Achieved
| Feature | SWhisper | Traditional Methods |
|---|---|---|
| Inaudible Delivery |
|
|
| Commodity Hardware |
|
|
| Target LLM |
|
|
| Robustness |
|
|
Real-World Application: In-Vehicle Systems
An attacker could covertly inject commands into an in-vehicle speech-driven LLM using SWhisper. For instance, while a user is navigating, an inaudible command could be played to alter the navigation destination or retrieve sensitive vehicle data. This demonstrates the critical need for robust defenses in automotive AI, leading to the benefit of altering navigation or retrieving data.
Calculate Your Potential AI ROI
Estimate the significant efficiency gains and cost savings your enterprise could achieve with advanced AI implementation.
Estimated Annual Savings
$0
Hours Reclaimed Annually
0
Our AI Implementation Roadmap
A structured approach to integrating cutting-edge AI into your enterprise, ensuring success from strategy to scaling.
Phase 1: Discovery & Strategy
Comprehensive audit of existing AI infrastructure and business goals to define key objectives.
Phase 2: Solution Design & Prototyping
Tailored AI solution architecture, including model selection, data pipelines, and initial prototype development.
Phase 3: Implementation & Integration
Full-scale deployment of the AI solution, seamless integration with existing systems, and rigorous testing.
Phase 4: Optimization & Scaling
Continuous monitoring, performance tuning, and scaling the solution to meet evolving enterprise needs.
Ready to Transform Your Enterprise with AI?
Book a complimentary consultation with our AI experts to explore how these insights can drive your strategic initiatives and achieve measurable impact.
Ready to Get Started?
Book Your Free Consultation.
Let's Discuss Your AI Strategy!
Lets Discuss Your Needs
Select a Date
Sun
Mon
Tue
Wed
Thu
Fri
Sat